Automating PowerShell Scripts with Azure Functions


Azure Functions allow you to run PowerShell scripts in a serverless environment, automating tasks like SharePoint management, user provisioning, and data synchronization without needing a dedicated VM or server.

Why Use Azure Functions for PowerShell?
Scalability – Runs scripts on demand without manual intervention
Event-Driven Execution – Trigger scripts based on events (HTTP, Timer, Blob Storage, etc.)
Security – Uses Managed Identity & Azure Key Vault for secure credentials
No Infrastructure Management – No need for dedicated servers


Step 1: Setting Up an Azure Function for PowerShell

1.1 Create an Azure Function App

1️⃣ Go to Azure Portal → Create a resource → Function App
2️⃣ Configure:

  • Subscription: Select your Azure subscription
  • Resource Group: Create a new one or use an existing
  • Function App Name: Example: PowerShellAutomationFunc
  • Region: Select nearest region
  • Runtime Stack: Select PowerShell Core
  • Operating System: Windows
  • Plan Type: Consumption (Serverless)
3️⃣ Click Review + Create → Create

Result: Your Azure Function App is deployed.


Step 2: Creating a PowerShell Function

2.1 Add a PowerShell Function

1️⃣ Go to Function App → Functions → Create
2️⃣ Choose Timer Trigger (for scheduled execution)
3️⃣ Name it DailyAutomationTask
4️⃣ Set a CRON Schedule Expression:

0 0 8 * * *  

Runs daily at 8 AM UTC

Result: A PowerShell function is created in Azure Functions.


Step 3: Writing PowerShell Script for Automation

3.1 Sample PowerShell Script for SharePoint Cleanup

param($Timer)

# Import PnP PowerShell (the module must be listed in requirements.psd1 or bundled with the app)
Import-Module PnP.PowerShell

# Connect to SharePoint Online
$SiteURL = "https://yourtenant.sharepoint.com/sites/automation"
# Get-AutomationPSCredential is an Azure Automation runbook cmdlet and is not available
# in the Azure Functions PowerShell worker; Step 4 builds $Credential from Key Vault instead
$Credential = Get-AutomationPSCredential -Name "SharePointAdmin"

Connect-PnPOnline -Url $SiteURL -Credentials $Credential

# Fetch old files (older than 1 year)
$OldFiles = Get-PnPListItem -List "Documents" | Where-Object { $_["Created"] -lt (Get-Date).AddYears(-1) }

# Delete old files
foreach ($File in $OldFiles) {
    Remove-PnPListItem -List "Documents" -Identity $File.Id -Force
    Write-Host "Deleted File: $($File['Title'])"
}

Write-Host "Old file cleanup completed!"

Result: The script automatically removes old SharePoint files.


Step 4: Secure Credentials Using Azure Key Vault

4.1 Storing Credentials Securely

1️⃣ Go to Azure Key Vault → Create
2️⃣ In Secrets, add:

  • Name: SharePointAdminPassword
  • Value: Your SharePoint Admin password

4.2 Accessing Credentials in PowerShell

Modify the script to fetch credentials securely:

# The Function App's identity needs permission to read secrets from this vault
$VaultName = "MyKeyVault"
$Secret = Get-AzKeyVaultSecret -VaultName $VaultName -Name "SharePointAdminPassword" -AsPlainText

# Build a PSCredential from the secret; the password is never stored in the script or app code
$Credential = New-Object System.Management.Automation.PSCredential ("admin@yourtenant.onmicrosoft.com", (ConvertTo-SecureString $Secret -AsPlainText -Force))
Connect-PnPOnline -Url "https://yourtenant.sharepoint.com" -Credentials $Credential

Result: Credentials are securely managed in Azure Key Vault.


Step 5: Running the Function Manually

5.1 Test Execution in Azure Portal

1️⃣ Go to Azure Function App
2️⃣ Select the function DailyAutomationTask
3️⃣ Click Test/Run
4️⃣ Verify logs for successful execution

Result: The script executes successfully and cleans up old SharePoint files.


Step 6: Setting Up Logging and Monitoring

6.1 Enable Application Insights for Logs

1️⃣ In Function App, go to Application Insights
2️⃣ Click Enable
3️⃣ Monitor logs in Log Analytics

6.2 Checking Logs with PowerShell

Run the following to view logs:

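# Invoke-AzOperationalInsightsQuery (Az.OperationalInsights) runs a KQL query against the workspace
(Invoke-AzOperationalInsightsQuery -WorkspaceId "YourWorkspaceID" -Query "AzureDiagnostics | where TimeGenerated > ago(1h)").Results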

Result: Logs track function execution and errors.


Step 7: Automating with Event-Based Triggers

7.1 Adding an HTTP Trigger (Example: Run Script via API Call)

1️⃣ Go to Function App → Functions → Create
2️⃣ Select HTTP Trigger
3️⃣ Choose Anonymous Authentication

7.2 Modify PowerShell Script for HTTP Trigger

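using namespace System.Net

param($Request, $TriggerMetadata)

# For JSON requests the Functions host has already parsed the body into a hashtable
$SiteURL = $Request.Body.siteURL

# -UseWebLogin needs an interactive browser, which a Function App does not have;
# use the app's managed identity (it must have been granted access to the site)
Connect-PnPOnline -Url $SiteURL -ManagedIdentity
$Files = Get-PnPListItem -List "Documents"

# Return the result through the HTTP output binding ("Response" in the default template)
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
    StatusCode = [HttpStatusCode]::OK
    Body       = ($Files.FieldValues | ConvertTo-Json)
})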

Result: Allows running PowerShell scripts via API calls.
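
A hardened variant of the HTTP-triggered script above, added here as an example and not part of the original tutorial: it refuses any siteURL outside one allow-listed SharePoint host before connecting, and returns only selected fields instead of whole list items. It assumes an app setting named ALLOWED_SP_HOST (a hypothetical name), a managed identity that has been granted access to the site, and an HTTP trigger whose authLevel is function rather than anonymous.

```powershell
using namespace System.Net

param($Request, $TriggerMetadata)

# Assumption: ALLOWED_SP_HOST is an app setting you define (hypothetical name),
# for example yourtenant.sharepoint.com. Any other host is refused.
$AllowedHost = $env:ALLOWED_SP_HOST

function Test-AllowedSiteUrl {
    param([string]$Url, [string]$AllowedHost)
    $uri = $null
    if (-not [Uri]::TryCreate($Url, [UriKind]::Absolute, [ref]$uri)) { return $false }
    # HTTPS only, exact host match, no userinfo/query/fragment.
    # Assumption: only /sites/<name> site collections are in scope.
    return $uri.Scheme -eq 'https' -and
        $uri.Host -eq $AllowedHost -and
        -not $uri.UserInfo -and -not $uri.Query -and -not $uri.Fragment -and
        $uri.AbsolutePath -match '^/sites/[A-Za-z0-9_-]+/?$'
}

function Send-Response {
    param([HttpStatusCode]$Status, $Body)
    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
        StatusCode = $Status
        Body       = $Body
    })
}

# A missing or non-JSON body yields an empty string, which fails validation.
$SiteURL = [string]$Request.Body.siteURL
if (-not $AllowedHost -or -not (Test-AllowedSiteUrl -Url $SiteURL -AllowedHost $AllowedHost)) {
    Write-Warning "Rejected request: siteURL failed the allowlist check"
    Send-Response -Status BadRequest -Body @{ error = 'siteURL is not an allowed site' }
    return
}

try {
    Connect-PnPOnline -Url $SiteURL -ManagedIdentity -ErrorAction Stop
    # Return only the fields the caller needs, not every column of every item.
    $Files = Get-PnPListItem -List 'Documents' -PageSize 500 | ForEach-Object {
        @{ Id = $_.Id; Name = $_['FileLeafRef']; Created = $_['Created'] }
    }
    Send-Response -Status OK -Body @{ site = $SiteURL; files = @($Files) }
}
catch {
    # Keep exception details in the function log; the caller gets a generic error.
    Write-Warning "List read failed: $($_.Exception.Message)"
    Send-Response -Status InternalServerError -Body @{ error = 'request failed' }
}
```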


Step 8: Deploying PowerShell Scripts from Local Machine

8.1 Install Azure Function Tools

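# Publish-AzWebApp (Az.Websites) performs the zip deployment; Az.Functions has no publish cmdlet
Install-Module -Name Az.Websites -Scope CurrentUser

8.2 Deploy Script to Azure Functions

# Run from the function project folder; function.zip is a placeholder file name
Compress-Archive -Path .\* -DestinationPath .\function.zip -Force
Publish-AzWebApp -ResourceGroupName "MyResourceGroup" -Name "PowerShellAutomationFunc" -ArchivePath (Resolve-Path .\function.zip).Path -Force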

Result: Deploys local PowerShell scripts to Azure Functions.
